DistroWatch Weekly

A weekly opinion column and a summary of events from the distribution world


DistroWatch Weekly, Issue 746, 15 January 2018

Welcome to this year's 3rd issue of DistroWatch Weekly!
Over the past week or so there has been a lot of concern and speculation over two sets of serious flaws in popular CPU models. This week in our Questions and Answers column we break down these problems, nicknamed Spectre and Meltdown, exploring what they are, why they are important and how to deal with them. In our News section we talk about Ubuntu's fixes for these flaws along with side effects of early patches. Plus we talk about openSUSE's new YaST features, new installation images for Ubuntu 17.10 flavours and we say farewell to the Devil-Linux project. First though, we share a review of deepin, a Debian-based Linux distribution with an unusual desktop environment. deepin ships with an unusual collection of default applications and configuration tools and Jesse Smith shares thoughts on these in this week's review. We are also happy to cover the releases of the past week and to provide a list of the torrents we are seeding. Then, in our Opinion Poll, we ask how many of our readers are using Wayland display servers as opposed to the classic Xorg display server. Finally, we are pleased to announce we are testing a feature which allows readers to subscribe to news updates from specific distributions and you can get the details below. We wish you all a fantastic week and happy reading!

Listen to the Podcast edition of this week's DistroWatch Weekly in OGG (27MB) and MP3 (35MB) formats.

Feature Story (by Jesse Smith)

deepin 15.5 - A different desktop

deepin is a Debian-based Linux distribution which features the custom Deepin Desktop Environment along with several in-house desktop applications. The deepin project develops its own file manager, media players, software centre and settings panel, along with other desktop applications. Clearly, the deepin team is very busy working on a desktop solution, one which is easy to navigate.

deepin is available as a 3.2GB download for 64-bit x86 computers. Booting from the project's media gives us the option of starting the installation process, booting the operating system in failsafe mode or checking the media's integrity. In both of my test environments, deepin would boot and launch the installer (the first option), but was unable to boot in failsafe mode, whether run in UEFI or Legacy BIOS mode.

Taking the install option brings up a graphical environment where we are asked to select our preferred language from a list. In the upper-right corner of the screen there is an "X" which, when clicked, lets us abort the installation. Quitting the installer immediately powers off the computer. Once we have selected our language we are asked to create a username and password for ourselves. We can then select our time zone from a map of the world.

Partitioning comes next and here I encountered several options. We are asked whether we want Simple or Advanced partitioning. The Simple option takes over the entire hard drive, creating an ext4 file system. A 4GB swap file is set up on the root partition for us. This is the easy way forward, but it wipes out any other installed systems or partitions.

The Advanced option lets us select where to install the system's boot loader and presents us with a list of available partitions and free space. At first I wasn't able to find any way to add new partitions, but eventually found the button for adding and editing partitions is a grey icon on a grey background, making it difficult to spot. Once the button was found, setting up new partitions was fairly straightforward. The deepin installer will not proceed if the root partition is 16GB or smaller in size when we take the Advanced partitioning option. However, I found I could create a root partition smaller than 16GB if I used the Simple partitioning option. Once our partitions are assigned mount points, the installer copies its files to the computer and reboots the system.

Early impressions

Our fresh copy of deepin boots to a graphical login screen where we are shown our username and an empty, unmarked box where we should type in our password. When we sign into our account on a desktop machine with all the appropriate video drivers we are simply brought to the Deepin desktop. However, when running deepin in a virtual machine, deepin detects it is running in an unusual environment and displays a message which reads: "System has detected that you are using a virtual machine, which will affect the system performance and operation experience, for a smooth experience, it is recommend to" This is followed by two buttons, one for Effect Mode and one for Common Mode. The former offers a desktop with nice visual effects, but takes a lot more processing power, causing the desktop to lag badly in the virtual environment. The Common Mode offers good desktop performance with minimal eye candy.

The deepin desktop is presented with a launch panel at the bottom of the screen. Apart from the panel, there are no icons on the desktop. The wallpaper is a pleasant view of mountains. The left-most icon on the desktop panel brings up a full screen grid of applications. One feature of deepin's application menu I like is we can shrink the large grid of launchers down to a smaller size, approximately the dimensions of a traditional tree-style application menu. This is a time saver on desktop computers where we generally want less mouse movement.

We can right-click on icons on the panel to remove them and, in a similar fashion, we can right-click on icons in the application menu to un-install their programs. I will come back to managing software later, but for now I want to point out the consistency offered. With deepin, we can right-click items on the desktop to remove them and we can click-n-drag icons to reorder them.

Settings

deepin's settings panel deserves special mention as it is presented in an unusual style. When we click on the settings icon on the desktop panel, a grey panel appears on the right side of the screen. At first the panel shows us twelve icons for specific settings modules and presents buttons for switching from the settings menu to seeing the local weather or a list of recent notifications. When we click on a settings module we are shown the options in that module, but rather than going back to the module overview when we want to switch to another module, we can scroll up or down through the rest of the settings. The modules are effectively stacked on top of each other and we can browse through them a few at a time. For the most part the settings modules present us with a few basic, top-level options. If we want to dig deeper we can click a button to bring up more specific information or settings.

The settings panel remembers where we were last, which can be helpful. For example, early on I wanted to disable desktop sound effects. I right-clicked on the volume control, selected Settings and the settings panel opened to the sound options. Disabling sound effects took a single click. Returning to my work then automatically closed the settings panel. Had I then wanted to turn sound effects back on, I could simply tap the settings icon and the panel would re-open, showing the sound options page again.

This combination of panel memory with the way settings modules blend together in one long page and the organization of the panel makes adjusting settings on deepin a quick and easy experience.

Hardware

I tried running deepin on a desktop computer and in a VirtualBox virtual machine. On physical hardware, deepin worked well. The distribution detected my hardware, set my screen to its full resolution and generally offered good performance. The desktop was a little slow to load from the login screen, but once the sign-in process was complete, deepin responded quickly.

When running in VirtualBox, deepin worked well, so long as I ran my desktop with visual effects disabled. Enabling effects would quickly bring my desktop to a crawl, but the desktop was responsive when effects were turned off. deepin did not automatically integrate with VirtualBox, but I was able to install VirtualBox's guest modules from the distribution's software repositories and this allowed me to access my host computer's full screen resolution.

The deepin distribution was light in memory, using about 350MB of RAM. The operating system is relatively large on the disk though, using 9GB of space. If we opt to use a swap file (the default when allowing deepin's installer to take over the hard drive), an additional 4GB of space is used for swap, bringing our total to 13GB.

Applications

deepin ships with an unusual collection of applications. Many of the programs included are either closed source or custom applications developed by the deepin project. The Chrome web browser is featured with Flash support, the WPS office suite is available for working on documents and the Foxit Reader gives us a tool for reading PDF documents. The distribution also ships with Skype, a Spotify client, the Steam gaming client and CrossOver for installing and running Windows applications. Custom applications include the Deepin Image Viewer, Deepin File Manager, Deepin Music, Deepin Movie and Deepin Screenshot. We also find Deepin Screen Recorder, Deepin Voice Recorder and a launcher called Deepin Feedback which opens Chrome and takes us to a web form where we can leave feedback on the distribution. Rounding out the custom applications we find Deepin Calendar, Deepin Clone for making and restoring backups of partitions and Deepin System Monitor. I like that the Deepin tools are given clear names stating their function as it makes it easier to find what I am looking for, even on a platform I usually do not use.

The deepin distribution also includes some familiar open source programs, including the Thunderbird e-mail client, the CUPS printing software, the gedit text editor, a document scanner and ChmSee document viewer. deepin features the GParted partition manager, the GNU Compiler Collection and Network Manager is available to connect us to the Internet. deepin uses the systemd init software and ships with Linux kernel version 4.9.

Working with WPS, media files, snapshots and CrossOver

Since deepin ships with an unusual collection of software, I would like to quickly cover some of the items in the distribution's application menu. One of the big differences between deepin and most mainstream Linux distributions is the inclusion of the WPS productivity suite instead of LibreOffice. WPS tries to look and act more like Microsoft Office. The WPS interface uses a ribbon-style set of menus and offers good support for MS-Office's document formats. WPS appears to be trying to be an MS-Office replacement rather than the everything-in-one-place solution LibreOffice provides.

When I first started working with deepin I found I could play audio files, including MP3 files, through Deepin Music. However, I was unable to play video files using Deepin Movie. I installed the Totem video player and found Totem could play my video files. This would seem to point to an issue with Deepin Movie rather than the codecs available on the system.

One tool I was intrigued by is Deepin Snapshot. This program makes it possible to back up the computer's hard drive, or a single partition, and save it as an image file. The tool also performs the reverse action, taking an image of a drive or partition and restoring it. I did not explore using Deepin Snapshot much, but I do think it is an odd choice. Usually snapshots are not performed on running systems and deepin does not feature a live desktop on its installation media. A full partition snapshot is also not ideal for backups and deepin does not appear to include an application for normal file archive backups. In short, Deepin Snapshot appears to be a user friendly way to make disk images, but I think it would make more sense for most users to use a backup tool like Deja Dup or a dedicated clone tool such as Clonezilla.

CrossOver is included to help users install and run Windows programs. CrossOver ships with many recipes for downloading and installing Windows software. This means we can generally install Windows programs with a few clicks. I tested a few of the provided recipes and they worked well, when the Windows installers could be downloaded successfully (some links are old and broken). If someone needs to run Windows applications on their Linux machine, CrossOver is probably the easiest and most reliable way to get those programs working, short of using a virtual machine.

During my time with deepin I did not see any notifications for software updates. One of the modules on the settings panel handles checking for updates and when I used this, throughout my trial, the update tool only once reported an update was available. When this happens a banner letting us know about the new update is displayed at the top of the settings panel. We can install all updates with the click of a button. At one point I also checked for updates using the APT command line tools and found there was one update available, for Spotify. However, the Spotify package could not be verified due to a missing or incorrect verification key and so the update was being held back.

Most software management is handled by an application called Deepin Store. By default, Deepin Store shows us a selection of features or popular titles. Down the left side of the window are software categories we can click on to browse through. There is also a search box that allows us to find applications by name. Items in a category or search result are displayed with their name and an icon. Hovering the mouse over an icon gives us the option of clicking an Install button or bringing up a full page summary of the package, complete with description and screen shot. Once we have clicked the Install button, a spinning circle appears in the upper-right corner of the window and we can click this circle to see progress information on queued items.

I could not find a way to remove items through Deepin Store. I did find that right-clicking on launchers in the application menu brings up a menu that allows us to remove the package from our system. Both the install and remove actions can be performed without entering a password or other authorization. I found I could install or remove applications using any user account, even when that account did not have sudo access.

There is a second desktop application for working with packages. The package manager application allows us to select .deb packages we have downloaded. The package manager then attempts to install any dependencies required by the .deb archive and installs the program. Unlike Deepin Store, the package manager does prompt for our sudo password when installing a new package.

Other observations

There were some other items I noticed when using deepin, small quirks or features which showed up after a few days. One feature I found odd was the prompts deepin displays for passwords almost never indicate what they are asking for. The user almost never sees the word "password" in a prompt. When we sign into our account or are prompted to provide our sudo password there is almost never any indication of what is being asked for; we just see a blank text input box in the middle of the screen. People familiar with Linux will recognize what is being asked for, but newcomers may not recognize the task they are performing is what is triggering the appearance of the empty text field.

I found almost all applications could be easily resized by dragging the corner or side of a window. The exception was the default terminal application. The deepin terminal can be set up as a small box or a full-screen window, but does not have drag-able borders.

When creating new user accounts, each new user is automatically added to the sudo group. This effectively makes all users system administrators. As I mentioned before, even if we take away sudo access, all users can install or remove applications without being prompted for a password.
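An audit for the behaviour described above, as an added example that is not part of the original review: it lists regular accounts that hold administrator rights through the sudo group, either as listed members or through their primary group. The function name, the UID floor of 1000 (Debian's default for regular accounts) and the exclusion of UID 65534 (nobody) are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: which regular (human) accounts are members of the sudo group?
# Usage: list_admin_users [GROUP_FILE] [PASSWD_FILE] [GROUP] [MIN_UID]
# Defaults read the live system databases; pass other paths to audit a
# mounted image or a copy of the files.
list_admin_users() {
    _group_file=${1:-/etc/group}
    _passwd_file=${2:-/etc/passwd}
    _grp=${3:-sudo}
    _min_uid=${4:-1000}   # assumption: regular accounts start at UID 1000

    awk -F: -v grp="$_grp" -v min="$_min_uid" '
        # Group database: remember the GID and the supplementary members.
        FILENAME == ARGV[1] {
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++)
                    if (m[i] != "") member[m[i]] = 1
            }
            next
        }
        # Account database: skip system accounts and "nobody" (65534), then
        # report anyone in the group by membership list or by primary GID.
        $3 >= min && $3 != 65534 &&
        (($1 in member) || (gid != "" && $4 == gid)) { print $1 }
    ' "$_group_file" "$_passwd_file" | sort
}

# Run against the live system when executed directly.
list_admin_users
```

On a multi-user machine every name printed is an account that can run commands as root; compare the list with the people who are meant to administer the system.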

deepin is one of the few distributions I have encountered which makes it easy to have decimal (rather than full integer) display scaling. Scaling is easily found in the settings panel under the display options.

I like that it is possible to change the size of the application menu, toggling between a classic, tree-style sized menu and a full screen menu. This should make it easy to use deepin's menu whether we are using a mouse or a touch screen. I also like that we can move the desktop panel to any side of the display without warping the look of the panel or its icons.

Conclusions

Playing with deepin this week was an unusual experience in many aspects. The distribution uses familiar technology under the hood (the Linux kernel, APT package manager and GNU userland tools), but deepin ships with its own highly customized desktop environment and many custom applications. deepin further has its own software manager and a nearly unique approach to working with settings. Using deepin is a little like visiting a different country where everyone speaks the same language, but drives on the opposite side of the road.

On the positive side of things, I think deepin and its desktop are very well designed. I like the consistency of the desktop, the way right-clicking and dragging always work the same way, for example. I love the settings panel as it makes browsing settings very straightforward and it is unusually easy to find the settings I want to change.

At first I thought having a collection of custom default applications, "the Deepin apps" as I came to think of them, would introduce a learning curve, but these applications were mostly designed in familiar ways. The file manager, music player and other tools should all feel familiar to people accustomed to using the equivalent GNOME or KDE applications. I also like that the deepin utilities are named clearly. A new user on another distribution might wonder what "Caja" or "Totem" does, but "Deepin System Monitor" and "Deepin Music" are pretty obvious.

I was disappointed there was no live desktop option. I like to test distributions live before installing them to make sure my hardware is compatible. Hopefully future versions of deepin provide a live environment for testing and showing off the Deepin Desktop Environment.

In the past I have run into performance trouble with Deepin Desktop, but this time performance was smooth. I appreciate that it is easy to toggle visual effects on and off, depending on whether we favour eye candy or performance.

Personally, I am wary of deepin including many non-free software options, such as Chrome. This is an unusual approach for a Linux distribution to take. It may be convenient for many users, but I would have preferred if the distribution had favoured open source solutions.

In the end, I think what deepin is doing is very user friendly. The way all the desktop components fit together and the clearly named applications make me think deepin is doing a great job appealing to newcomers. The installer, if we avoid the advanced partitioning screen, is probably one of the easiest to use in the Linux community.

Sometimes I think deepin favours ease of use over security, for example by giving all users sudo access or allowing all users to install new applications. I wouldn't want to use deepin on a shared computer for these reasons, but for a personal laptop, I don't think I could find an easier, more user friendly solution.

* * * * *

Hardware used in this review

My physical test equipment for this review was a desktop HP Pavilion p6 Series with the following specifications:

Processor: Dual-core 2.8GHz AMD A4-3420 APU

Storage: 500GB Hitachi hard drive

Memory: 6GB of RAM

Networking: Realtek RTL8111 wired network card

Display: AMD Radeon HD 6410D video card

* * * * *

Visitor supplied rating

deepin has a visitor supplied average rating of: 9/10 from 207 review(s).
Have you used deepin? You can leave your own review of the project on our ratings page.

There are some significant new changes coming to the YaST system administration tool included in the openSUSE distribution. People running openSUSE's rolling "Tumbleweed" branch should soon get to see and test improvements in the way YaST handles storage devices. The improvements are largely due to an overhaul of the Libstorage component which handles partitioning, LVM volumes and disk management. "This relatively low-level component has been a constant source of headaches for YaST developers for years, but all that effort is about to bear fruit. The original design has fundamental flaws that limited YaST in many ways and the YaST Team have been working to write a replacement for it: the libstorage-ng era has begun. This document offers an incomplete but very illustrative view of the new things that libstorage-ng will allow in the future and the libstorage limitations it will allow to leave behind. For example, it already makes possible to install a fully encrypted system with no LVM using the automatic proposal and to handle much better filesystems placed directly on a disk without any partitioning. In the short future, it will allow to fully manage Btrfs multi-device filesystems, bcache and many other technologies that were impossible to accommodate into the old system." Further details can be found on the openSUSE news page.

* * * * *

Over the past week many Linux distributions have published software updates to deal with the CPU flaws commonly referred to as Meltdown and Spectre. Unfortunately, some kernels which include the fix are causing problems of their own. For instance, some Ubuntu 16.04 users who installed kernel version 4.4.0-108 found their systems would not boot with the new kernel. Rebooting the machine and selecting an older kernel from the boot menu works around the issue. Canonical quickly published a new kernel update, version 4.4.0-109, which fixed the issue. More details can be found in this Launchpad report.

* * * * *

In December we reported that Ubuntu (and its community flavours) were removing download links for version 17.10. The installation images were pulled due to a bug which could corrupt the BIOS of certain computers. The issue has since been fixed and the Ubuntu Community Editions have published new ISO files, carrying the version number 17.10.1. The Lubuntu blog states: "Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here. Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after. This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO."

* * * * *

Devil-Linux is a minimal distribution designed to run on firewalls and routers. After many years of operating, the Devil-Linux project is being shut down. Heiko Zuerker posted to the project's mailing list: "Unfortunately, after almost 20 years, I have to officially stop releasing new versions of Devil-Linux. I simply do not have the time anymore to do this properly. This is in addition to GRSecurity not being available anymore to the general public, which was the core of our security features. It has been a blast maintaining this distro and we had a lot of long-term followers, for which I am very grateful. All current downloads and the sources will of course stay on the websites."

There is a lot of information, and sometimes misinformation, about two processor (CPU) bugs which affect millions of computers and their users. This week we are going to try to clear up some of the details of the CPU vulnerabilities commonly referred to as Spectre and Meltdown.

First, let's talk about what each one is. The two issues are similar in many ways, but are two separate sets of bugs. Meltdown is the name of an issue which affects Intel x86 CPUs and some complex ARM CPUs. Meltdown allows a malicious program to read parts of the kernel's memory. This makes the whole operating system vulnerable as some important and private information is kept inside the kernel's memory. At this time it appears as though AMD x86 processors and some of the more simple ARM CPUs are not affected by the Meltdown bug.

Spectre is a little different. The Spectre bugs affect a wider range of hardware processors, including all modern Intel, AMD and ARM CPUs. The Spectre bug allows one malicious program to read the memory of other programs running on the same system. This means one program's password or security keys might be read by another program. Further, it has been shown that Spectre could allow a malicious program to send data to a guest operating system running in a virtual environment. Spectre can be triggered through JavaScript, meaning we can be affected simply by visiting an infected website.

These two issues are getting a lot of attention, partly because they are very wide-spread, affecting millions of devices, and partly because successfully exploiting either issue can give an attacker a lot of access to the computer's memory and potentially critical information.

Fixing these two issues is complicated. Unfortunately, since both bugs are located in the CPU hardware itself, the problem cannot be truly fixed in software. At best, software like an operating system's kernel can be patched to work around the flaws. In the case of Meltdown, each operating system's kernel (whether it is Linux, macOS, a BSD or Windows) can be patched to work around the CPU flaw. The kernel patch is applied like any other security update by the operating system's package manager. The fixed kernel may cause some applications to run slower, but usually not to a noticeable amount on personal computers.

Spectre is harder to fix. The Spectre flaws represent a whole class of attacks, not just one specific flaw in the processor's hardware. This means working around the issue needs to happen in several places. Web browsers need to be patched to prevent JavaScript on web pages from performing attacks, and Google is looking at compiler fixes to steer software away from Spectre flaws. Dealing with Spectre is an on-going issue and will likely involve patching quite a lot of packages.

So what can we do about Meltdown and Spectre? From an end-user's point of view, not much. These problems exist in the CPU and affect processors going back years. Because the issues exist in hardware which cannot simply be patched, we need to wait for software developers to work around the issues. For most of us, the best we can do is apply security updates through our operating system's package manager when fixes become available. Fortunately, most major Linux distributions have already tested and made Meltdown patches available. Some patches to deal with Spectre have been published and more will likely become available in the coming weeks.
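After applying updates, the kernel itself can be asked whether the workarounds are active. The following is an added example, not part of the original column: it reads the status files that Linux 4.15 and later expose under /sys/devices/system/cpu/vulnerabilities and classifies each line. The function names and the exit-code convention are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: summarise the kernel's own report of CPU-flaw mitigations.
# The directory holds one file per flaw (for example meltdown, spectre_v1,
# spectre_v2); each file contains a single status line.
VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status LINE: map a status line to ok|mitigated|vulnerable|unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo ok ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report_mitigations [DIR]: print "flaw<TAB>class<TAB>kernel text" per file.
# Returns 0 when every flaw is ok or mitigated, 1 when any is vulnerable or
# unknown, 2 when the kernel offers no report at all (directory missing or
# empty), which usually means the running kernel predates the fixes.
report_mitigations() {
    _dir=${1:-$VULN_DIR}
    if [ ! -d "$_dir" ]; then
        echo "$_dir is missing: this kernel does not report mitigation status" >&2
        return 2
    fi
    _seen=0
    _bad=0
    for _f in "$_dir"/*; do
        [ -f "$_f" ] || continue
        _seen=$((_seen + 1))
        _line=$(head -n 1 "$_f")
        _class=$(classify_status "$_line")
        printf '%s\t%s\t%s\n' "${_f##*/}" "$_class" "$_line"
        case "$_class" in
            vulnerable|unknown) _bad=1 ;;
        esac
    done
    [ "$_seen" -gt 0 ] || return 2
    return "$_bad"
}

# Run against the live system when executed directly.
report_mitigations || echo "review the lines above, or update and reboot into the new kernel" >&2
```

The report reflects the kernel that is currently running, so an update only shows up here after a reboot into the new kernel.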

Further information and commonly asked questions about both Meltdown and Spectre can be found on the Meltdown and Spectre website.

Parted Magic, a Linux distribution run from a live disc for managing hard drives and partitions, has been updated. The new version, Parted Magic 2018_01_08, introduces a new kernel with better support for a range of video cards. File system tools, such as those used to manage Btrfs and ZFS volumes, have been upgraded too. "The Linux kernel has been updated to 4.14.11. I have received a lot of glowing reviews of the newer video cards it supports and its stability. The 2017_09_05 release was our most successful release to date with very little complaints. Instead of changing a bunch of stuff for the sake of changing a bunch of stuff, we basically kept it the way it was. We only addressed the little issues and updated relevant software. GParted has been updated to 0.30.0. I would like to do something different with the artwork though. If anybody out there would like to create something new, contact us. Other updates: e2fsprogs 1.43.8, Mozilla Firefox 52.5.3esr, MESA 17.2.8, X.Org Server 1.19.6, OpenSSL 1.0.2n, Samba 4.4.16, NetworkManager 1.8.4, wget 1.19.2, Python 2.7.14, Ruby 2.2.8, cURL 7.56.1...." A list of new and changed packages can be found on the project's news page and in the distribution's changelog.

The Amnesic Incognito Live System (Tails) is a Debian-based live DVD/USB with the goal of providing complete Internet anonymity for the user. The project's developers have released Tails 3.4 which includes kernel fixes for the Meltdown and Spectre bugs, updates uBlock Origin and includes fixes for package installation. "Tails 3.4 is out. This release fixes many security issues and users should upgrade as soon as possible. In particular, Tails 3.4 fixes the widely-reported Meltdown attack, and includes the partial mitigation for Spectre. Changes: update Linux to 4.14.12 which fixes Meltdown, Spectre (only partially) and many other issues; fix an issue that made Tails start very slowly, in particular on DVD; don't delete downloaded Debian packages after installing them, this is mostly relevant for users of the APT Packages persistence feature; fix an issue that prevented some Debian packages to install properly with the Additional software feature; update uBlock Origin to restore its icon in Tor Browser and make its settings dashboard work again." Additional information and known issues can be found in the project's release announcement and in the changelog.

OSMC (formerly Raspbmc) is a Debian-based minimal Linux distribution that brings the Kodi media centre software to a Raspberry Pi, Apple TV and Vero devices. The OSMC project has released a new version featuring a Debian 9 "Stretch" base and version 17.6 of the Kodi media centre. This release also introduces OpenVPN support. "As you may have noticed, we didn't release an OSMC update in November. After a lot of hard work, OSMC's slightly belated December update is here with Debian Stretch and Kodi 17.6. This yields a number of improvements, and is one of our largest OSMC updates yet: Better performance. A larger number of software packages to choose from. More up to date software packages to choose from. We'd like to thank everyone involved with testing and developing this update." A full list of changes and fixes can be found in the distribution's release announcement.

The table below provides a list of torrents DistroWatch is currently seeding. If you do not have a bittorrent client capable of handling the linked files, we suggest installing either the Transmission or KTorrent bittorrent clients.

Archives of our previously seeded torrents may be found in our Torrent Archive. We also maintain a Torrents RSS feed for people who wish to have open source torrents delivered to them. To share your own open source torrents of Linux and BSD projects, please visit our Upload Torrents page.

These days some of the bigger names in open source operating systems, including Fedora, Ubuntu and FreeBSD, are enabling Wayland support by default. Wayland is the display technology which is designed to replace the aging Xorg display server. We would like to find out how many of you are now running desktop sessions on Wayland.

One of the most requested features we received during 2017 was the ability to subscribe to one specific distribution's updates, announcements and headline posts. Some of our readers are interested in one (or a handful) of distributions and would like to be able to subscribe to those specific projects while filtering out others. We are testing a feature which enables readers to subscribe to new updates we post for a single distribution using RSS feeds. At the top of each distribution's page, right above the description summary, there is an orange RSS feed icon. The icon links to the project's RSS feed where recent release announcements and news posts will be listed as we publish them.

Locating the RSS feed button

Right now the feeds include headline posts, minor version updates and front page announcements. If people find the feature useful, we may expand it to include distribution-specific security notifications and other updates.

This concludes this week's issue of DistroWatch Weekly. The next instalment will be published on Monday, 22 January 2018. Past articles and reviews can be found through our Article Search page. To contact the authors please send e-mail to:
